﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data.SqlClient;
using System.Collections;

namespace UFSSServerClasses
{
    public static class UserAccess
    {
        public static ArrayList getTopUsers(int amount)
        {
            ArrayList users = new ArrayList();
            UFSSUser u = null;
            try
            {
                using (SqlConnection connection = new SqlConnection(DBAccess.getConString()))
                {
                    connection.Open();
                    SqlCommand c = new SqlCommand("gettopusers", connection);
                    c.CommandType = System.Data.CommandType.StoredProcedure;
                    c.Parameters.Add(new SqlParameter("@num", amount));
                    SqlDataReader r = c.ExecuteReader();
                    while (r.Read())
                    {
                        u = new UFSSUser();
                        u.userid = (int)r["userid"];
                        u.username = r["username"].ToString();
                        u.filecount = (int)r["filecount"];
                        users.Add(u);
                    }
                    connection.Close();
                    return users;
                }
            }
            catch
            {
                return null;
            }
        }
        public static bool addUser(string username, string password, string first, string last, 
            string email, string ip)
        {
            try
            {
                using (SqlConnection connection = new SqlConnection(DBAccess.getConString()))
                {
                    connection.Open();
                    SqlCommand c = new SqlCommand("adduser", connection);
                    c.CommandType = System.Data.CommandType.StoredProcedure;
                    c.Parameters.Add(new SqlParameter("@username", username));
                    c.Parameters.Add(new SqlParameter("@password", password));
                    c.Parameters.Add(new SqlParameter("@firstname", first));
                    c.Parameters.Add(new SqlParameter("@lastname", last));
                    c.Parameters.Add(new SqlParameter("@email", email));
                    c.Parameters.Add(new SqlParameter("@ip", ip));
                    c.ExecuteNonQuery();
                    connection.Close();
                    return true;
                }
            }
            catch
            {
                return false;
            }
        }
        public static string[] searchUsers(string query)
        {
            try
            {
                using (SqlConnection connection = new SqlConnection(DBAccess.getConString()))
                {
                    ArrayList users = new ArrayList();
                    connection.Open();
                    SqlCommand c = new SqlCommand("usersearch", connection);
                    c.CommandType = System.Data.CommandType.StoredProcedure;
                    c.Parameters.Add(new SqlParameter("@search", query));
                    SqlDataReader r = c.ExecuteReader();
                    while (r.Read())
                    {
                        string username = r.GetString(0);
                        users.Add(username);



                    }
                    connection.Close();
                    string[] userarray = new string[users.Count];
                    for (int i = 0; i < users.Count; i++)
                        userarray[i] = users[i].ToString();

                    return userarray;

                }
            }
            catch
            {
                return null;
            }
        }
        public static bool deluser(string username)
        {
            try
            {
                using (SqlConnection connection = new SqlConnection(DBAccess.getConString()))
                {
                    connection.Open();
                    SqlCommand c = new SqlCommand("deluser", connection);
                    c.CommandType = System.Data.CommandType.StoredProcedure;
                    c.Parameters.Add(new SqlParameter("@userid", DBAccess.getUserID(username)));
                    c.ExecuteNonQuery();
                    connection.Close();
                    return true;
                }
            }
            catch
            {
                return false;
            }
        }

        public static bool updateUser(string username, string first, string last, string email)
        {
            try
            {
                using (SqlConnection connection = new SqlConnection(DBAccess.getConString()))
                {
                    connection.Open();
                    SqlCommand c = new SqlCommand("updateuser", connection);
                    c.CommandType = System.Data.CommandType.StoredProcedure;
                    c.Parameters.Add(new SqlParameter("@userid", DBAccess.getUserID(username)));
                    c.Parameters.Add(new SqlParameter("@firstname", first));
                    c.Parameters.Add(new SqlParameter("@lastname", last));
                    c.Parameters.Add(new SqlParameter("@email", email));
                    c.ExecuteNonQuery();
                    connection.Close();
                    return true;
                }
            }
            catch
            {
                return false;
            }
        }

        public static bool updatePass(int userid, string password)
        {
            try
            {
                using (SqlConnection connection = new SqlConnection(DBAccess.getConString()))
                {
                    connection.Open();
                    SqlCommand c = new SqlCommand("updatepass", connection);
                    c.CommandType = System.Data.CommandType.StoredProcedure;
                    c.Parameters.Add(new SqlParameter("@userid", userid));
                    c.Parameters.Add(new SqlParameter("@password", password));
                    c.ExecuteNonQuery();
                    connection.Close();
                    return true;
                }
            }
            catch
            {
                return false;
            }
        }    

        /// <summary>
        /// 
        /// </summary>
        /// <param name="username"></param>
        /// <returns>0. username, 1. firstname, 2. lastname, 3. email, 4. ip</returns>
        public static string[] getUserInfo(string username)
        {
            string[] result = new string[6];
            try
            {
                using (SqlConnection connection = new SqlConnection(DBAccess.getConString()))
                {
                    connection.Open();
                    SqlCommand c = new SqlCommand("getuserinfo", connection);
                    c.CommandType = System.Data.CommandType.StoredProcedure;
                    c.Parameters.Add(new SqlParameter("@userid", DBAccess.getUserID(username)));
                    SqlDataReader r = c.ExecuteReader();
                    while (r.Read())
                    {
                        result[0] = r.GetValue(0).ToString();
                        result[1] = r.GetValue(1).ToString();
                        result[2] = r.GetValue(2).ToString();
                        result[3] = r.GetValue(3).ToString();
                        result[4] = r.GetValue(4).ToString();
                        result[5] = r.GetValue(5).ToString();
                    }
                    connection.Close();
                    return result;
                }
            }
            catch 
            {
                return null;
            }
        }

        public static string login(string username, string password)
        {
            string result = null;
            try
            {
                using (SqlConnection connection = new SqlConnection(DBAccess.getConString()))
                {
                    connection.Open();
                    SqlCommand c = new SqlCommand("userlogin", connection);
                    c.CommandType = System.Data.CommandType.StoredProcedure;
                    c.Parameters.Add(new SqlParameter("@username", username));
                    c.Parameters.Add(new SqlParameter("@password", password));
                    SqlDataReader r = c.ExecuteReader();
                    while (r.Read())
                    {
                        result = r.GetValue(0).ToString();
                    }
                    connection.Close();

                        return result;
                }
            }
            catch 
            {
                return null;
            }
        }
        public static string getUserStat(int userid, string property)
        {
            string result = null;
            try
            {
                using (SqlConnection connection = new SqlConnection(DBAccess.getConString()))
                {
                    connection.Open();
                    SqlCommand c = new SqlCommand("getuserstats", connection);
                    c.CommandType = System.Data.CommandType.StoredProcedure;
                    c.Parameters.Add(new SqlParameter("@userid", userid));
                    SqlDataReader r = c.ExecuteReader();
                    while (r.Read())
                    {
                        result = r[property].ToString();
                    }
                    connection.Close();

                    return result;
                }
            }
            catch
            {
                return null;
            }
        }

        public static string forgotPass(string username, string email)
        {
            string result = null;

            try
            {
                using (SqlConnection connection = new SqlConnection(DBAccess.getConString()))
                {
                    connection.Open();
                    SqlCommand c = new SqlCommand("forgotpass", connection);
                    c.CommandType = System.Data.CommandType.StoredProcedure;
                    c.Parameters.Add(new SqlParameter("@userid", DBAccess.getUserID(username)));
                    c.Parameters.Add(new SqlParameter("@email", email));
                    SqlDataReader r = c.ExecuteReader();
                    while (r.Read())
                    {
                        result = r.GetString(0);
                    }
                    connection.Close();

                    //System.Net.Mail.MailMessage message = new System.Net.Mail.MailMessage();
                    //message.To.Add(email);
                    //message.Subject = "Password Recovery";
                    //message.From = new System.Net.Mail.MailAddress("NoReply@ufss.mhague.com");
                    //message.Body = "You have requested your password\nYou password is:\n" + result;
                    //System.Net.Mail.SmtpClient smtp = new System.Net.Mail.SmtpClient("smtp.gmail.com"); //smtpHostAddress
                    //smtp.Send(message);

                    return result;
                }
            }
            catch
            {
            }

            return result;
        }
    }
}
